Welcome to the resources page! We have compiled a collection of useful information, tools, and resources to help you
Managing OT Cyber risk takes on different approaches and expertise depending on the potential consequences of compromise to a particular system. This is why it is important to delve into the distinction and importance of an engineering-centric approach to managing OT cyber risk.
Protecting a regional Transmission System Operator (TSO) in Europe from outside cyber threats.
The industrial security initiative was triggered by the 9/11 attack on the World Trade Center. Aaron Turner, on the faculty at IANS Research, helped investigate laptop computers used by 9/11 attackers and joined up with Michael Assante to persuade government authorities to launch what has become today’s industrial cybersecurity industry. Aaron takes us through the formative years – from 9/11 to the Aurora generator demonstration.
Cybersecurity and IEC 62443 are increasingly relevant to building automation. Parking garages contain safety-critical CO2 sensors that control fans, the MGM breach is in the news and standards bodies are debating minimum security levels for different kinds of systems. Kyle Peters of Intelligent Buildings joins us to look at IEC 62443-2-1 style security assessments of modern buildings and what we can learn from those assessments.
Adversaries who can physically touch a target have a huge advantage when it comes to compromising that target. Mike Almeyda of Force5 joins us to look at tools for physical security that support cybersecurity, especially for the North American NERC CIP standards.
In the webinar, we discuss engineering-grade OT security, a new model for cyber risk, and how to decide how much security is needed for different types of systems.
In the webinar, I introduced network engineering in the context of Cyber-Informed Engineering (CIE) with useful examples.
The NIS2 Directive is a directive by the European Parliament on the measures that need to be taken for a high common level of cybersecurity across the European Union.
It’s better to have logs and not need them, than to need logs and not have them. And the same applies to dual-logs. With dual-logs, cyber attackers are putting themselves in danger and revealing their intentions every time they wipe their events from the log.
